World Economic Forum

65% of organizations in Latin America and the Caribbean reported insufficient cybersecurity skills to achieve their security objectives.

31% of global business leaders reported low confidence in their nations' ability to respond to critical infrastructure attacks.

63% of organizations in sub-Saharan Africa reported insufficient cybersecurity skills to achieve their security objectives.

73% of global business leaders were or knew someone directly affected by cyber-enabled fraud in 2025.

94% of global business leaders expect AI to be the most consequential force shaping cybersecurity in 2026.

65% of large companies cited third-party and supply chain risks as their greatest cyber resilience barrier in 2026, up from 54% in 2025.

87% of global business leaders reported experiencing rising AI-related vulnerabilities in 2025.

Smaller organizations are twice as likely to report insufficient resilience compared to large firms.

The cyber skills gap has increased by 8% since 2024.

38% of public-sector organisations report insufficient resilience, compared to 10% of medium-to-large private-sector organisations.

One in three CEOs cite cyber espionage and loss of sensitive information/intellectual property (IP) theft as their top concern.

54% of large organisations identified supply chain challenges as the biggest barrier to achieving cyber resilience.

The proportion of large organisations reporting insufficient cyber resilience has nearly halved.

47% of organisations cite adversarial advances powered by generative AI (GenAI) as their primary concern.

42% of organisations reported phishing and social engineering attacks in 2024.

49% of public-sector organisations indicate they lack the necessary talent to meet their cybersecurity goals, which is a 33% increase from 2024.

66% of organisations expect AI to have the most significant impact on cybersecurity in the year to come, but only 37% report having processes in place to assess the security of AI tools before deployment.

Only 14% of organisations are confident that they have the people and skills they need today.

Nearly 60% of organisations state that geopolitical tensions have affected their cybersecurity strategy.

72% of respondents report an increase in organisational cyber risks.

36% of respondents in Africa and 42% in Latin America lack confidence in their country's ability to respond to major cyber incidents targeting critical infrastructure.

36% of respondents in Africa and 42% in Latin America lack confidence in their country's ability to respond to major cyber incidents targeting critical infrastructure.

35% of small organisations believe their cyber resilience is inadequate, which is a sevenfold increase since 2022.

45% of cyber leaders are concerned about disruption of operations and business processes.

15% of respondents in Europe and North America lack confidence in their country’s ability to respond to major cyber incidents targeting critical infrastructure.

More than 76% of chief information security officers (CISOs) at the World Economic Forum’s Annual Meeting on Cybersecurity in 2024 reported that fragmentation of regulations across jurisdictions greatly affects their organisations’ ability to maintain compliance.

Two out of three organisations report moderate-to-critical skills gaps.